What’s So Sacred About Privacy? | Peer to Peer Review

I heard a couple of very interesting presentations this spring given by extremely smart people on ways that libraries can do more with data to improve the user experience, help students succeed, and make a case for the value of libraries. Last week, a group of brave speakers decided to start their slide presentation with a cow and conclude with a grilled steak, asking us to consider whether it was time to finally tackle this library sacred cow: privacy.
Barbara FisterI heard a couple of very interesting presentations this spring given by extremely smart people on ways that libraries can do more with data to improve the user experience, help students succeed, and make a case for the value of libraries. Last week, a group of brave speakers decided to start their slide presentation with a cow and conclude with a grilled steak, asking us to consider whether it was finally time to tackle this library sacred cow: privacy. Oh, boy. They got me. Not that arguments about privacy are anything new. Many years ago, when evaluating grants, I questioned a project’s research design because it involved gathering personal identifying information without mention of how it would be protected (or, in fact, whether the research would be reviewed by an institutional review board). Another librarian shrugged and said, “Look how much information credit card companies gather.” I was a bit shocked, but it has become a common response. Privacy? What privacy? We don’t have it anymore. Why should libraries be any different? I’ve heard countless arguments that seem to pit user preferences, convenience, and the progress of humankind against stodgy rule-worshipping librarians obsessed with an outdated fetish. In these battles, privacy often loses because it gets in the way of good customer service, and librarians generally don’t feel comfortable insisting on values patrons don’t care about. They must not care about privacy, or they wouldn’t go around using credit cards, would they? Or phones. Or Facebook. Or Google. Or pretty much anything, now that surveillance and selling masses of aggregated personal information is the business model of the Internet and is quickly becoming the business model of everything. It’s also becoming a powerful instrument of state power. After all, how could we expect the government, thwarted in its goal to create a Total Information Awareness program, to keep its hands off such tempting piles of data? Under these circumstances, why does it matter whether libraries bother to keep their users’ reading habits private? Amazon knows exactly what you’re reading, which pages you linger over, what products you bought last Tuesday, and which movies you’ve streamed. In exchange, it remembers where you left off reading and can sync up audio and print for you and recommend things to buy or read. Why can’t libraries be equally helpful and personalized? Privacy is contrary to the way we live now, and given the extraordinary amount of information collected about our lives and how our lives intersect with the lives of others, does it really matter whether a particular person checked out a book, downloaded an article, or threw certain search terms at a database? Libraries could learn a lot from users about what they are interested in, what confuses them, whether the things we spend so much money on match patrons’ interests. Libraries can make a case for their value by showing correlations between use of the library and student success by tying specific student records to their involvement in various library programs, proving that good students use libraries. (I should point out that the librarians who raised the cow question have done all this while doing an admirable job of keeping personally identifying data private.) But why stop there? Think how librarians could intervene if they could see what sources students were choosing for their work. No, that 1953 article from JSTOR is not a good choice for your paper. We see you are struggling with a search; can we suggest better search terms? We notice you are using a lot of websites but not many scholarly sources. Here’s a tutorial that explains what you’re missing. It just might help you boost that flagging GPA. We know you’re majoring in environmental studies, so we’ll highlight the most relevant search results for you. How will the library’s discovery systems ever be as good as Google if we can’t collect and use data to improve the search experience and enhance our value proposition? If libraries protect patron privacy but ignore the erosion of privacy everywhere else, as we have tended to do, happily pushing Kindles, teaching nifty ways to search Google, and pestering our patrons to like us on Facebook, we could be accused of letting a herd of big stupid animals named Privacy wander the library to make messes on the carpet and get in everyone’s way. Perhaps we tolerate those cows mindlessly, out of habit, even though the McDonald’s down the street serves hamburgers that came from cows just like ours. But there is a reason that privacy remains a core library value. It may be rare, these days, but it’s necessary for freedom. I truly believe that. This doesn’t put libraries in a comfortable position. If we think of Google and Amazon as our competition, we come up short largely because they have more money than we do but partly because they gather and use massive amounts of personal data effectively. However, contrary to the dogma of late capitalism, we aren’t in competition with them. We do something they don’t do: we serve communities, not just customers, and our goal is the common good, not profits. Even so, there are no easy answers, and new ethical issues bubble up almost daily. Twitter is going to allow scholars to study billions of public tweets. This is causing some of the discomfort people felt when they learned that the Library of Congress was going to preserve those tweets. Sure, we knew our posts were public, but when fleeting thoughts become part of a pattern, that pattern may reveal more than we want it to, or simply provide too much information about our lives. The European Union, which takes privacy more seriously than U.S. law does, has recently issued a rule that will implement the “right to be forgotten” in a way that challenges free speech. How can we critique public figures if they have the power to edit the public record and delete links to embarrassing material from Google? Facial recognition software is going to make it harder than ever to be anonymous in the crowd, and the Internet of Things will follow us home and check up on us constantly. Then there’s Big Brother. The National Security Agency (NSA) has become so invasive that even the companies that made a mint on invading our privacy are lobbying for the government’s access to be reined in. It’s bad for business. Privacy is in the news daily. We need to think beyond patron records and beyond our institutions when we think about privacy. Fortunately, I have also attended some terrific presentations this spring about this issue—one by Dorothea Salo (who also wrote about this issue here at Peer to Peer Review) and another by Eric Stroshane, whose superb “Defense Against the Digital Dark Arts” program was adopted by the American Library Association (ALA) during Choose Privacy Week. I don’t believe that privacy is a sacred cow. But I do believe that we should do more to promote informed discussion about how privacy and freedom intersect, what we can do to inform public policy, and how to protect ourselves from those digital dark arts. Because, as professionals who work in institutions committed to the public good and intellectual freedom, this is our job.
Comment Policy:
  • Be respectful, and do not attack the author, people mentioned in the article, or other commenters. Take on the idea, not the messenger.
  • Don't use obscene, profane, or vulgar language.
  • Stay on point. Comments that stray from the topic at hand may be deleted.
  • Comments may be republished in print, online, or other forms of media.
  • If you see something objectionable, please let us know. Once a comment has been flagged, a staff member will investigate.


Thanks, all - I think we're encountering a new and very powerful moment, when the power to gather quantities of information and do things with it is heady stuff, and we're surrounded by people who believe it is going to change everything: what we buy, what we do, how we are educated, how we understand ourselves and how we represent ourselves in the world. It has certainly had an impact on business and finance (and the speed of computerized trading has no public benefit but apparently can increase private weath while creating absolutely nothing). The interrelationships between Silcon Valley values and the surveillance-industrial complex are deep and troubling. One thing about quantification is that it seems somehow neutral, truthful, unquestionable. In reality, of course, it's nothing of the kind, and the information it yields seems so far not even very accurate. As Glen Greenwald pointed out on Twitter the other day, our intelligence services have access to basically all communication systems in Iraq, yet the way ISIS has seized ground seemed to take everyone by surprise. Eventually the feet of clay may become more obvious, but meanwhile I would hope that our profession will bring a critical perspective to this trend. Sadly, I think we aren't doing a very good job of that.

Posted : Jun 19, 2014 09:10

William Badke

I think the truly disturbing thing about the loss of privacy is not that we become more public persons then we intended but that we have no idea what may be the ramifications of what becomes public about us. That is why libraries for decades have protected the borrowing records of their patrons - not to provide a haven for people who want to borrow "bad" or anti-social things but to protect those persons from the prying powers-that-be who might be putting together a case against them based on what they borrow. These days, that's pretty much old hat, given the ability of just about any technological entity to track all our searches or too hack into our personal information. The issue remains the same - If privacy is not a sacred cow, there are still potential and largely unforseen consequences to being more in the public eye than you intended. It is, indeed, the task of libraries to hold off the public baring of its patrons as much as it can.

Posted : Jun 19, 2014 01:48

Mike Wells

Very thoughtful article... It is great to see consideration being given to privacy again in our profession. I struggle often as a systems librarian, as I hear more and more of institutions (libraries and otherwise) entering into questionable contractual arrangements with hosting providers, or making internal choices to gather up personal data as if we were a commercial enterprise. The flavor of the month (or few years) with technology relates to "the cloud" and in that realm, we tend to give less and less consideration to issues such as privacy protection, content ownership, and long term vendor lock. This is troubling especially as libraries begin to look at SaaS, next gen ILS platforms that are basically subscribed services that come with thoughtful ISO standard assurances for security, and little else. These services equate to a subscription service, and remove the library/librarian from the role of patron privacy control agent, and true curator of metadata collections (think OCLC WMS). Ironically, as hardware technologies advance with single board servers (think beefy Raspberry Pi's running application servers) hopefully, libraries will begin to realize the potential of owning their own cloud, and thus their own data. As servers scale down, libraries will then be able (if willing) to operate infrastructure from a literal desktop, with less worry than what comes with a traditional server environment. This autonomy will the allow us to have better control over the data we retain and eventually assess. In this subject area, I would recommend checking out the work of the Citizen Web Project (https://citizenweb.is/)

Posted : Jun 19, 2014 01:30


To me it seems the line is clear. The library is a government run institution. Whether it be academic (accepting public funds), district, city, etc. The state is held to a different standard than private business- mainly because the citizen enters into business with the private institution voluntarily. Public (or publicly academic) libraries have a relationship with their entire potential user population that is not voluntary (unless one is to argue that living in an area with a library is voluntary... but that's a silly straw man road). As an instrument of the state, funded on a non voluntary basis we have a level of responsibility to protect our members information from potential misuse... by the state or anyone else.

Posted : May 31, 2014 05:07


Get connected. Join our global community of more than 200,000 librarians and educators.

Get access to 8000+ annual reviews of books, ebooks, and more

As low as $13.50/month